Moneyspyder has always considered safety and security our highest priorities. A site that is a veritable security sieve may convert fantastically well initially, but it is still a security sieve, and as customers get to know and understand this, their lack of trust will surely erode conversion to dust.
So, being thought leaders in e-commerce, shortly after our inception as a company we embarked on a mission to attain PCI DSS compliance - as described on Wikipedia:
PCI is considered one of the more comprehensive data security standards in a cluster of regulations that have emerged over the past decade; Basel II, Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability Act (HIPAA), Sarbanes-Oxley Act of 2002, California State Bulletin 1386. PCI is regarded as being relatively more prescriptive than these other laws.
Having identified Evolution as a partner who specialised in, amongst other areas of IT security, PCI DSS compliance, we worked closely with them to understand what PCI compliance would mean to us, our clients and their customers, and how to achieve the required standards to qualify.
Joining forces with Evolution and Engine Yard, Moneyspyder was ratified as PCI DSS compliant in July 2007. We are delighted with the strength and reliability of the collective solution we offer to our clients and can highly recommend working with Evolution in the arena of security and PCI DSS compliance.
Matthew Tyler, PCI Practice Manager with Evolution Group:
"As a QSA it is Evolution’s role to assist our customers in attaining and maintaining Compliance to the Payment Card Industry Data Security Standards (PCI DSS).
The PCI DSS is the most rigorous and most detailed compliance standard currently in any industry and the attainment of compliance to this standard takes both a commitment from the stakeholders in the business as well as, in most cases, a vast amount of work.
As PCI Practice Manager, I am extremely pleased that we have ratified MoneySpyder as a fully PCI DSS compliant organisation, and we were extremely impressed with the technical knowledge within their organisation and their willingness to adopt change. They have attained PCI DSS corporate compliance in the shortest possible time and this is solely due to their commitment to their customers and their skill sets."